
Researchers have warned about the known issue in the Management Engine for quite some time, and Intel has confirmed it.
Intel offers a lot of features for IT managers, but they require system access that is certainly tempting for attackers. Intel's Management Engine has a bug, and Intel has confirmed that the worst-case fears may be possible.
Management Engine is Intel's remote administration feature, an independent subsystem.
It allows administrators to control devices remotely for all types of functions, including applying updates and troubleshooting.
But since it has extensive access to and control over the main system processors, the bug opens multiple holes that could let remote attackers run malicious software, get privileged access and take over computers.
Some researchers have even called Intel's Management Engine an unnecessary feature.

The vulnerability affects sixth-, seventh- and eighth-generation Core chips (Skylake, Kaby Lake and Kaby Lake R), along with Pentium, Celeron, Atom and Xeon chips.
What makes things worse is that the bug can be exploited even when a computer is "off", as long as the computer is plugged in. This is because the Management Engine is located on a separate microprocessor, making it essentially a totally separate computer.
The disclosed vulnerabilities can also cause instability or system crashes.
The bug allows hackers to impersonate the Management Engine, Server Platform Services, and Trusted Execution Engine to bypass security verifications. Intel also said that the bug can give hackers a path to "load and execute arbitrary code outside the visibility of the user and operating system."
This is the crucial danger of the Management Engine.
Because the Management Engine runs on a separate microprocessor, many attacks that exploit it wouldn't raise red flags.
To address the issue, Intel, which found the vulnerabilities after conducting a security audit, released a security advisory that lists new vulnerabilities in Management Engine, as well as bugs in the remote server management tool Server Platform Services and Intel's hardware authentication tool Trusted Execution Engine.
It has also published a Detection Tool so Windows and Linux administrators can check their systems to see if they're exposed.

As with previous Management Engine bugs, nearly every Intel chip is impacted, affecting servers, PCs, and IoT devices.
Intel can provide the necessary updates to manufacturers, but customers need to wait for hardware companies to actually push the fixes out.
"These updates are available now," Intel said in a statement. "Businesses, systems administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems, and apply any applicable updates as soon as possible."
The good news is that most of the vulnerabilities require local access to exploit. This means hackers need to have access to a network. Still, that could change.